Workshop and Interviews

• Analysis of the OT architecture, review of existing documentation, identification of vulnerabilities in business and management processes, determining individual security objectives as well as risk acceptance

On-Site Inspection

• Gain an understanding of your custom production processes, create a hacker’s perspective of your company, security assessment of existing physical interfaces, firewalls and remote maintenance procedures

Technical Security Assessment

• Testing the production network for vulnerabilities, including penetration tests for individual systems, security analysis of network transitions and data exchange points between business IT and OT

Security Assessment of ICS and DCS Architectures

• Threat assessment for specific ICS architectures such as Siemens PCS7, Yokogawa Centum VP, ABB 800xA, Valmet DNA, Honeywell Experion, Rockwell, and others, with technical recommendations included in the audit report
• Risk and threat analysis within the safety zone for Safety Instrumented Systems (SIS)

Risk Modelling

Assessment of all critical production processes, as well as their related production systems and vulnerabilities, calculation of potential damages resulting from compromising or failure of production systems, creating attacker models and evaluating the attack complexity and occurrence probabilities, analysis of cumulative risk for the entire production

Measures and Solutions

Development and prioritization of short-term and long-term remediation measures, both on a technical and procedural level, support in the development of a holistic security concept